From the site: Five teenagers are of various heights. Alex is taller than Dennis, who is shorter than Eunice. Chris is shorter than Bob, but taller than Alex. Who among them is the third tallest? [1. Chris 2. Alex 3. Dennis 4. Eunice]
To rewrite: Alex > Dennis Dennis < Eunice (but we don't know if Eunice is taller than Alex or not, etc) Chris < Bob Chris > Alex.
Smushing these together (and getting all >'s in the same direction), you get: Bob > Chris > Alex > Dennis Eunice > Dennis
These are the combinations I came up with that still fit the teenagers relative heights: Bob > Chris > Alex > Eunice > Dennis Bob > Chris > Eunice > Alex > Dennis Bob > Eunice > Chris > Alex > Dennis Eunice > Bob > Chris > Alex > Dennis
Who is the third tallest? Well, Alex, Chris or Eunice. (Answers 1, 2, or 4.)
What did I miss?
[Even if I read "who is shorter than Eunice" to mean Alex < Eunice I still end up with 2 of the answers]
I mean, could I just make sure a friend of mine opens any mail I get from the FBI? He wouldn't be constrained by what he saw, and by that point I wouldn't have been notified not to include him on anything.
Yeah, that was my point. Bypassing any coercion is so easy that it's just not an issue. This system provides for that, but just didn't describe it as one of the problems it solves.
>Restrict the account that is used to access the database to the absolute minimum permissions it needs to run; using one set of credentials for insert/update/delete and another for selects is enough to foil a lot of exploits (I actually never allow deletes, just out of paranoia...I just update the record with an "inactive" flag, and purge them later with a local account).
Excellent practice, but doing this actually leads you into the vulnerability described in MS Alert 951306. That can allow users to punch out of the context you gave them and take whatever context your service is running in, possibly even "Local System", which would really suck.
There is really an IIS component to it though... The MS article shows a privilege escalation on the server, so if the injected code is running in the context of a relatively safe "Network User" account, it can be escalated to "Local System", and your server is owned.
SQL injection to run code to get a privilege escalation to run code locally to do whatever.
My guess is servers that aren't publicly visible will be a bit safer, as they're at least not indexed by Google and thus not as easily discoverable. (Doesn't stop bot networks from scanning networks though)
In one case, lives are obviously at risk. In the other, it'd be a real stretch to say lives would be at risk, and would be less at risk based on what you'd be doing to the machine.
Just because a burglar broke into my house doesn't give you permission to go galavanting through.
> That's all advertising is. Ya know, I can't think of anything said with "That's all _x_ is" that is actually true.
There are actually some positive and helpful sides to advertising at least in my experience as a customer. It's sometimes nice to know about the new services at that hospital they just built... or "I'm hungry but I don't know what sounds good tonight... ooh let's get THAT. (or conversely, no, definitely not THAT, but that gives me an idea)... or to find out about some show that looks interesting.
Yeah, there's a lot of crap out there, and a lot of sleazy stuff... so just learn to avoid it. Who cares about everyone whether everyone else is happier or not. (Making all ads go away isn't going to make everyone happy all of a sudden, and we've had ads and spam for millenia, just not as broad of a broadcast.)
In our case, we are a "technology" company (take your grain of salt appropriately).
I've have seen several projects get outsourced, and end up running into the same cost overruns and worse. I haven't seen any of them come back though. On one hand they seem to have learned the lesson... these guys are doing it now, don't disrupt it. On the other hand, they haven't learned, as I continue to see projects leave and miss their projected numbers by multiples of >5.
I know of places that have actually done it well. It would have sucked to lose my job to that, but I could understand it to an extent. When you're torching me and the company together... that just ticks me off. (one more year and no more debt, then I can largely go where I want, just can't afford to right now.)
I'm still not thrilled by the move, but it looks like more of an issue of subtlety, not contradiction.
> Outside of FL, he goes on about slashing the NASA budget. OK, following ya there
>Then, when talking to people that directly affects, he changes the story to spending less on education and more on NASA to try to get votes. I don't see that in the link above. Where does it say anything about spending less on education?
From that it looks like he's stretching the overall timeline, but moving the front end of it up. (Less money = end takes longer) A common PM move in a restricted budget environment.
The thing that worries me in companies like mine, is the new management is hot on outsourcing, and have no real idea what we do. We've seen a large chunk of our work go out, quality and timing suffer, and they're pushing to do it more because the costs are down, and of course there's going to be a blip during a change.
Our skill has nothing to do with it... it's the 6 levels of management between us and the "deciders"
The only reason mail admins HAVE to keep spam out is that people expect it. There's nothing saying you can't contract another party to receive your mail for you and junk it, in real life.
In any case, I still risk losing mail IRL because I tend to toss my junk mail, and sometimes I'll catch a random letter or bill in there... usually just as I toss it so I have to dig it out of the bin.
So Johnny, here I have 2 dead hookers and over there I have 3 more. How many dead hookers do I have all together? 5! Very good. Now while we're here, let's discuss our anatomy lessons.
Sorry... reflexive thought whenever someone leaves themselves so open =-)
I still don't think you're saying what you think you're saying.
The more equivalent transaction would be 4 of us pitch in for the movies, and decide before hand that the decision is made based on the majority rule based on the money involved.
Assume 3 folks pay $6, and I pay $15. (ignore rounding errors)
You can describe that as I get a 45% share of the single outcome, compared to their 55% of the single outcome. We each got one vote, they were just weighed differently. You can equivalently say there were 100 votes, and I controlled 45 of them. You can equivalently say there were 33 votes, and I controlled 15 of them.
There is no effective distinction between the descriptions... so I don't quite get what useful and subtle distinction you're trying to make./unless you're trying to deconstruct the original terminology, in which case they really meant each share effectively represents one vote. Think of each share as one ballot, and he is allowed to make 83,843,591 copies of his and shove it in the box.
Slashdot Mirror
> Lawyers say it could place a duty on all second-hand users to establish the truth of everything they want to republish from such sites
Isn't that what newspaper reporters and editors are for?
>As for black slaveowners in America: Citation please. (i.e. I call B.S.)
Not that it affects the argument one way or another, but...
http://www.amazon.com/Black-Masters-Family-Color-South/dp/0393303144/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1213336625&sr=8-1
Where did it say that Alex was taller than Eunice though?
From the site:
Five teenagers are of various heights. Alex is taller than Dennis, who is shorter than Eunice. Chris is shorter than Bob, but taller than Alex. Who among them is the third tallest? [1. Chris 2. Alex 3. Dennis 4. Eunice]
To rewrite:
Alex > Dennis
Dennis < Eunice (but we don't know if Eunice is taller than Alex or not, etc)
Chris < Bob
Chris > Alex.
Smushing these together (and getting all >'s in the same direction), you get:
Bob > Chris > Alex > Dennis
Eunice > Dennis
These are the combinations I came up with that still fit the teenagers relative heights:
Bob > Chris > Alex > Eunice > Dennis
Bob > Chris > Eunice > Alex > Dennis
Bob > Eunice > Chris > Alex > Dennis
Eunice > Bob > Chris > Alex > Dennis
Who is the third tallest?
Well, Alex, Chris or Eunice. (Answers 1, 2, or 4.)
What did I miss?
[Even if I read "who is shorter than Eunice" to mean Alex < Eunice I still end up with 2 of the answers]
No, I didn't forget.
If I haven't yet been notified this is one of those notices, then I'm not covered by it, right?
I just can' tell anyone about it after I see it.
How do I know that the next think I get from the FBI is an NSL?
How are these delivered?
I mean, could I just make sure a friend of mine opens any mail I get from the FBI?
He wouldn't be constrained by what he saw, and by that point I wouldn't have been notified not to include him on anything.
>You'd think that, but you'd be forgetting that the courts have been packed by Republicans for the last 7 1/2 years,
You know it's possible to be a Republican and actually support the constitution, right?
Yeah, that was my point.
Bypassing any coercion is so easy that it's just not an issue. This system provides for that, but just didn't describe it as one of the problems it solves.
One thing you didn't mention was how it deals with people who would might be forced to reveal who they voted for.
They can take a picture of a ballot, and use another one to deposit.
Nothing to blackmail against, give bonuses for, etc.
I was reading an article on another issue, and confused the two (as did the article I was reading.
Yeah... that's right I broke tradition. I not only RTFA, but read a different one too =-/
>Restrict the account that is used to access the database to the absolute minimum permissions it needs to run; using one set of credentials for insert/update/delete and another for selects is enough to foil a lot of exploits (I actually never allow deletes, just out of paranoia...I just update the record with an "inactive" flag, and purge them later with a local account).
Excellent practice, but doing this actually leads you into the vulnerability described in MS Alert 951306. That can allow users to punch out of the context you gave them and take whatever context your service is running in, possibly even "Local System", which would really suck.
There is really an IIS component to it though... The MS article shows a privilege escalation on the server, so if the injected code is running in the context of a relatively safe "Network User" account, it can be escalated to "Local System", and your server is owned.
SQL injection to run code to get a privilege escalation to run code locally to do whatever.
My guess is servers that aren't publicly visible will be a bit safer, as they're at least not indexed by Google and thus not as easily discoverable. (Doesn't stop bot networks from scanning networks though)
No, its really not the same.
In one case, lives are obviously at risk.
In the other, it'd be a real stretch to say lives would be at risk, and would be less at risk based on what you'd be doing to the machine.
Just because a burglar broke into my house doesn't give you permission to go galavanting through.
I thought Apple stated that if they shut the service down, they'd release the master keys.
My Google-fu is weak, so maybe my hallucinogens are acting up again...
Dude... this isn't Fark /Random slashie
> That's all advertising is.
Ya know, I can't think of anything said with "That's all _x_ is" that is actually true.
There are actually some positive and helpful sides to advertising at least in my experience as a customer.
It's sometimes nice to know about the new services at that hospital they just built... or "I'm hungry but I don't know what sounds good tonight... ooh let's get THAT. (or conversely, no, definitely not THAT, but that gives me an idea)... or to find out about some show that looks interesting.
Yeah, there's a lot of crap out there, and a lot of sleazy stuff... so just learn to avoid it. Who cares about everyone whether everyone else is happier or not. (Making all ads go away isn't going to make everyone happy all of a sudden, and we've had ads and spam for millenia, just not as broad of a broadcast.)
If only it was as serious.
In my town, it's not unusual to see a police car screen an emergency U-turn to bag a jaywalker... they hand out tickets for it like crazy around here.
>1) NIMBY - everybody wants it but yet nobody wants it.
So, sad. I'd actually pay to have a power plant in my back yard, though... then again out here in my part of SoCal we don't have back yards anymore.
In our case, we are a "technology" company (take your grain of salt appropriately).
I've have seen several projects get outsourced, and end up running into the same cost overruns and worse. I haven't seen any of them come back though.
On one hand they seem to have learned the lesson... these guys are doing it now, don't disrupt it.
On the other hand, they haven't learned, as I continue to see projects leave and miss their projected numbers by multiples of >5.
I know of places that have actually done it well. It would have sucked to lose my job to that, but I could understand it to an extent. When you're torching me and the company together... that just ticks me off. (one more year and no more debt, then I can largely go where I want, just can't afford to right now.)
I'm still not thrilled by the move, but it looks like more of an issue of subtlety, not contradiction.
> Outside of FL, he goes on about slashing the NASA budget.
OK, following ya there
>Then, when talking to people that directly affects, he changes the story to spending less on education and more on NASA to try to get votes.
I don't see that in the link above. Where does it say anything about spending less on education?
From that it looks like he's stretching the overall timeline, but moving the front end of it up. (Less money = end takes longer)
A common PM move in a restricted budget environment.
The thing that worries me in companies like mine, is the new management is hot on outsourcing, and have no real idea what we do.
We've seen a large chunk of our work go out, quality and timing suffer, and they're pushing to do it more because the costs are down, and of course there's going to be a blip during a change.
Our skill has nothing to do with it... it's the 6 levels of management between us and the "deciders"
Pics or it didn't happen!
Wait... wrong site.
How 'bout a cite there? That's an awfully inflammatory thing to just lob out there.
The only reason mail admins HAVE to keep spam out is that people expect it.
There's nothing saying you can't contract another party to receive your mail for you and junk it, in real life.
In any case, I still risk losing mail IRL because I tend to toss my junk mail, and sometimes I'll catch a random letter or bill in there... usually just as I toss it so I have to dig it out of the bin.
So Johnny, here I have 2 dead hookers and over there I have 3 more. How many dead hookers do I have all together?
5!
Very good. Now while we're here, let's discuss our anatomy lessons.
Sorry... reflexive thought whenever someone leaves themselves so open =-)
I still don't think you're saying what you think you're saying.
/unless you're trying to deconstruct the original terminology, in which case they really meant each share effectively represents one vote. Think of each share as one ballot, and he is allowed to make 83,843,591 copies of his and shove it in the box.
The more equivalent transaction would be 4 of us pitch in for the movies, and decide before hand that the decision is made based on the majority rule based on the money involved.
Assume 3 folks pay $6, and I pay $15. (ignore rounding errors)
You can describe that as I get a 45% share of the single outcome, compared to their 55% of the single outcome. We each got one vote, they were just weighed differently.
You can equivalently say there were 100 votes, and I controlled 45 of them.
You can equivalently say there were 33 votes, and I controlled 15 of them.
There is no effective distinction between the descriptions... so I don't quite get what useful and subtle distinction you're trying to make.